Researchers have found a way to impersonate mobile devices on 4G and 5G mobile networks, and are calling on operators and standards bodies to fix the flaw that caused it. Research into the vulnerability, conducted by academics at Ruhr Universität Bochum and New York University Abu Dhabi, is called Impersonation Attacks in 4G Networks (IMP4GT),...
Read More
The scene stealer in January’s Patch Tuesday updates from Microsoft was CVE-2020-0601, a very serious vulnerability in the crypt32.dll library used by more recent versions of Windows. The flaw, which also goes by the names Chain of Fools and Curveball, allows an attacker to fool Windows into believing that malicious software and websites have been digitally...
Read More
The burning question of the moment is, “What about CVE-2020-0601?” That’s the bug number assigned to one of the security holes fixed in Microsoft’s January 2020 Patch Tuesday updates. Of the 50 bugs patched this month, that’s the Big One, officially described by Microsoft as a “Windows CryptoAPI Spoofing Vulnerability“. To explain. The CryptoAPI, partly...
Read More